Privacy Policy

This Privacy Policy (hereinafter referred to as the “Policy”) explains how we collect, use, process and protect your personal data when you visit our website at modralaw.com or when you use our legal services.
Our law firm is committed to protecting your data and complying with applicable data protection legislation, in particular the General Data Protection Regulation (GDPR) [Regulation (EU) 2016/679] and Bulgarian data protection laws.

1. Who we are

The Modra Law Office website (modralaw.com) is maintained by József Módra, attorney-at-law (bar association ID number: 1000826510) and István Módra, attorney-at-law (bar association ID number: 1200616510), who are members of the Sofia Bar Association.

Office address: 21 Petar Parchevich St, 1000 Sofia, Bulgaria

We act as the data controller of your personal data as described in this Policy.

2. What data we collect

Modra Law Law Firm may collect the following categories of personal data about you:

  • Contact data: name, address, e-mail address, phone number.
  • Identification data: identity card or passport details, personal identification number, tax identification number (if required for providing legal services).
  • Financial data: bank account number, payment information (for invoicing purposes).
  • Case-related data: any information you share with us in connection with your legal matter, including facts, documents, correspondence and other relevant data. These may include special categories of personal data (e.g. health data, trade union membership) if relevant to the case.
  • Website usage data: IP address, browser type, operating system, visited pages, referring URLs, time spent on our website, data collected via cookies (see below).

3. Purposes and legal bases for processing your data

We process your personal data for the following purposes and on the following legal bases:

  • Provision of legal services:
    • Purpose: to perform the engagement agreement concluded with you, to provide legal advice and to represent you before courts and other authorities.
    • Legal basis: Performance of a contract (Article 6(1)(b) GDPR).
  • Communication and information:
    • Purpose: to respond to your inquiries and to provide information about our services.
    • Legal basis: Your consent (Article 6(1)(a) GDPR) or our legitimate interest (Article 6(1)(f) GDPR) to communicate with you.
  • Compliance with legal obligations:
    • Purpose: compliance with accounting, tax and other legal obligations (e.g. attorney-client confidentiality, anti-money laundering laws).
    • Legal basis: Compliance with a legal obligation (Article 6(1)(c) GDPR).
  • Operation and improvement of our website:
    • Purpose: to ensure the functionality of the website, to enhance user experience and to carry out statistical analysis.
    • Legal basis: Our legitimate interest (Article 6(1)(f) GDPR) in the efficient operation of our website.
  • Establishment and defence of legal claims:
    • Purpose: to establish, exercise or defend legal claims.
    • Legal basis: Our legitimate interest (Article 6(1)(f) GDPR).

4. With whom we share your data

We share your personal data only in accordance with the law and this Policy, and only when strictly necessary:

  • Courts, authorities and public bodies: for legal representation or compliance with legal obligations.
  • Opposing parties and their legal representatives: to the extent required to conduct the legal matter.
  • Service providers and subcontractors: including accounting, IT support, web hosting providers and translators who process data on our behalf under contractual obligations to protect data.
  • Banks and financial institutions: to process payments.

We do not sell, lease or trade your personal data to third parties.

5. Data security

We apply appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or damage.
These measures include data minimisation, restricted access, encryption, password protection and regular security audits.

6. How long we store your data

We store your personal data only for as long as necessary to achieve the purpose of collection, to provide our legal services, and to comply with applicable legal obligations (e.g. accounting, tax and legal archiving requirements under Bulgarian law).
After the expiration of the retention periods provided by Bulgarian law for attorneys’ files, we securely delete or anonymise your data.

7. Your rights regarding your data

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access: to ask whether we process your personal data and to receive a copy.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”): to request deletion of your data under certain circumstances.
  • Right to restriction of processing: to request restriction of processing in specific cases.
  • Right to data portability: to receive your data in a structured, commonly used, machine-readable format and to transmit them to another controller.
  • Right to object: to object to the processing of your data, especially where processing is based on our legitimate interest.
  • Right to lodge a complaint: to file a complaint with the supervisory authority if you believe your data protection rights have been violated. In Bulgaria, this is the Commission for Personal Data Protection.

You can exercise these rights by contacting us in writing, by email or by post, using the contact details provided at the end of this Policy.

8. Cookies

Our website uses cookies. Cookies are small text files stored on your device when you visit our website. Their purpose is to improve website functionality, personalise user experience and collect statistical data.

  • Types: functional (necessary for the website’s operation), analytical (to measure website usage), marketing (for personalised advertising).
  • Your consent: when visiting our website, we ask for your consent to use cookies, except those strictly necessary for operation. You can manage or disable cookies at any time in your browser settings.

9. Links to other websites

Our website may contain links to other websites. We are not responsible for the privacy practices or content of these external sites. We recommend reviewing their privacy policies.

10. Changes to this Privacy Policy

We reserve the right to amend this Policy from time to time. All updates will be published on our website with the date of modification. We recommend reviewing this page regularly to stay informed of any changes.

11. Contact

If you have any questions about this Privacy Policy or the processing of your personal data, please contact us:

Tel.: +359 88 582 6434
Email:
Office: 21 Petar Parchevich St, 1000 Sofia, Bulgaria

Data Protection Contact (for GDPR-related matters): Attorney József Módra

12. Supervisory Authority

If you believe your rights under applicable data protection laws have been violated, you may lodge a complaint with the competent supervisory authority:

COMMISSION FOR PERSONAL DATA PROTECTION
Address: 2 Prof. Tsvetan Lazarov Blvd., 1592 Sofia, Bulgaria
Tel.: +359 2 915 3 518
E-mail:
Website: www.cpdp.bg

Effective: 3 April 2019

Last modified: 26 June 2025